Commit Graph

230 Commits

Author SHA1 Message Date
Rachel Baker d5a6676eb2 Revisions: Change the capability needed to view revision diffs to `edit_post`.
Merge of [37779] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@37799


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:44:29 +00:00
Dominik Schilling ec4db723d2 XMLRPC: Don't allow private posts to be sticky.
Merge of [33325], [33612], and [34135] to the 4.2 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.2@34152


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:51:28 +00:00
Dion Hulse b6058e2231 Updates: Correctly identify more failed update cases.
This checks for a WP_Error being raised during an individual update, in addition to just the bootstrap error cases.
When a error occurs during the connection phase, pass the error message back as the ajax failure message.

Merges [32571] & [32778] to the 4.2 branch

See #32473, #32435

Built from https://develop.svn.wordpress.org/branches/4.2@33302


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-17 03:59:28 +00:00
Dion Hulse 8e96288144 Shiny Updates: Handle the case where the plugin is installed into a different directory than it previously existed in.
A good example of this is when the plugin being updated is currently installed as 'Plugin-Name' but the canonical directory is 'plugin-name', but it can also occur when the plugin is installed in 'super-cool-plugin' and it's canonical name is 'average-plugin'.

Merges [32570] to the 4.2 branch.
Fixes #32465

Built from https://develop.svn.wordpress.org/branches/4.2@33301


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-17 03:55:28 +00:00
Dion Hulse 7090cf8980 Updates: When performing an ajax plugin update, rely upon `wp_update_plugins()` to check the contents of the transient and return early if no request needs to be made.
This works around a bug where custom update handlers are injecting an update into an empty transient, malforming the transient and causing update failures.
Merges [33257] to the 4.2 branch.
Fixes #32198 for 4.2

Built from https://develop.svn.wordpress.org/branches/4.2@33258


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 08:04:27 +00:00
Andrew Ozz 60706015e1 Revert editing of video embed parameters in the media modal, [31620] and [31626] for now. Plan on revisiting in 4.3.
Props iseulde. Fixes #31139, fixes #32006.
Built from https://develop.svn.wordpress.org/trunk@32258


git-svn-id: http://core.svn.wordpress.org/trunk@32229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 22:41:26 +00:00
Boone Gorges 54a6a8e137 Don't allow whitespace-only image captions from the Media modal.
Captions containing only whitespace trick `image_add_caption()` into thinking
a caption is required, but the empty caption text confuses wpeditimage into
stripping the 'align' class specified by the user.

Fixes #21848.
Built from https://develop.svn.wordpress.org/trunk@32079


git-svn-id: http://core.svn.wordpress.org/trunk@32058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-08 17:11:27 +00:00
Helen Hou-Sandí 42028327a2 Insert from URL: Make sure the link text is actually used.
Turns out there were more pieces to renaming the field.

props iseulde.
fixes #29476.

Built from https://develop.svn.wordpress.org/trunk@32055


git-svn-id: http://core.svn.wordpress.org/trunk@32034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-06 18:25:27 +00:00
Drew Jaynes b500d3e978 Fix typos in the function summaries for `wp_ajax_press_this_save_post()` and `wp_ajax_press_this_add_category()`.
See [31534]. See #31888.

Built from https://develop.svn.wordpress.org/trunk@32007


git-svn-id: http://core.svn.wordpress.org/trunk@31986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-04 14:38:26 +00:00
Drew Jaynes 05fa6879ce Add an `@see` mention for `Plugin_Upgrader`, plus spacing to the `wp_ajax_update_plugin()` delcaration.
See #31888.

Built from https://develop.svn.wordpress.org/trunk@32006


git-svn-id: http://core.svn.wordpress.org/trunk@31985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-04 14:19:27 +00:00
Sergey Biryukov 36643388ef Decouple strings where the singular and plural form are not just the same string with different numbers, but essentially two different strings.
This allows for using proper plural forms in languages with more than two forms, and also resolves string conflicts when the same string is present in both singular and plural form.

fixes #28502.
Built from https://develop.svn.wordpress.org/trunk@31941


git-svn-id: http://core.svn.wordpress.org/trunk@31920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-31 18:45:28 +00:00
Aaron Jorbin 9b23faef07 Remove Shiny Plugin Installs
See #31773, #29820


Built from https://develop.svn.wordpress.org/trunk@31897


git-svn-id: http://core.svn.wordpress.org/trunk@31876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-26 02:30:28 +00:00
Scott Taylor bce851dcf2 Replace `array_shift()` with `reset()` where appropriate for performance.
Props SergeyBiryukov.
Fixes #31259.

Built from https://develop.svn.wordpress.org/trunk@31829


git-svn-id: http://core.svn.wordpress.org/trunk@31811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-19 03:56:27 +00:00
Aaron Jorbin 2d64637ff8 Request FTP and SSH credentials when needed during shiny updates
This is a restoration of [31749] which was reverted in [31755].

It includes a number of enhancements from the original version.  Namely:
 * Not doing a credential check in src/wp-includes/script-loader.php
 * Add new function `wp_print_request_filesystem_credentials_modal`
 * update the version number in the list table when a plugin is updated

UI still needs further work, but this basic version should enable more testing

Props ericlewis, jorbin
See #31528


Built from https://develop.svn.wordpress.org/trunk@31811


git-svn-id: http://core.svn.wordpress.org/trunk@31793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-18 03:18:27 +00:00
Dominik Schilling 474f001c42 Revert [31749], see #31528.
Built from https://develop.svn.wordpress.org/trunk@31755


git-svn-id: http://core.svn.wordpress.org/trunk@31736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-12 17:51:26 +00:00
Sergey Biryukov e8a600ac94 Shiny Updates: Don't translate an error code string.
props ericlewis.
fixes #31606.
Built from https://develop.svn.wordpress.org/trunk@31751


git-svn-id: http://core.svn.wordpress.org/trunk@31732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-12 13:09:27 +00:00
Aaron Jorbin 5b658df402 Request FTP and SSH credentials when needed during shiny updates
This is a first pass at requesting FTP and SSH credentials when needed during shiny updates. Styling and some UX improvements are still needed, but we do show the prompt and use the passed data when doing plugin installs and updates for shiny updates.  There are also a couple of areas that we could improve code wise such how we create the requestFilesystemCredentials part of the localized _wpUpdatesSettings. Over the past half century, we've split the atom, we've spliced the gene and we've roamed Tranquility Base. We've reached for the stars and never have we been closer to having them in our grasp. That has nothing to do with shiny updates. 

Props ericlewis, jorbin, and drewapicture for testing
Fixes #31528


Built from https://develop.svn.wordpress.org/trunk@31749


git-svn-id: http://core.svn.wordpress.org/trunk@31730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-12 08:53:26 +00:00
Scott Taylor 8f0b626d13 Introduce a function, `wp_attachment_is( $type, $post = 0 )`, to collapse the logic for determining whether an attachment is an `image`, `audio`, or `video`.
This is admittedly a first pass. There needs to be a generic handler for when any other type is passed, but for now it accepts the whitelist.

See #25275.

Built from https://develop.svn.wordpress.org/trunk@31645


git-svn-id: http://core.svn.wordpress.org/trunk@31626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-06 20:26:26 +00:00
Scott Taylor da7359b060 After [31620], when checking for HTTP URLs, make sure we are checking the shortcode body instead of an indexed attribute.
See #31139.

Built from https://develop.svn.wordpress.org/trunk@31626


git-svn-id: http://core.svn.wordpress.org/trunk@31607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-05 16:26:25 +00:00
Scott Taylor cc953717b7 Allow inline editing of `width` and `height` parameters while previewing an embed in the media modal:
* Use `wp.shortcode()` instead of manually constructing a shortcode in `views/embed/link`
* Allow a URL to transition to a shortcode (and vice versa) when returning an embed to TinyMCE
* In `WP_Embed`, store the last URL and last set of attributes requested in class properties
* `wp_ajax_parse_embed()`, allow `[embed]`s to have attributes. Return `attr` in the response.

This is a first pass to allow broad testing with recent MCE view changes. 

See #31139.

Built from https://develop.svn.wordpress.org/trunk@31620


git-svn-id: http://core.svn.wordpress.org/trunk@31601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-05 06:00:26 +00:00
Scott Taylor d3471e9850 Allow attachments to be Detached from their parent in media grid and list modes.
See #6820.

Built from https://develop.svn.wordpress.org/trunk@31619


git-svn-id: http://core.svn.wordpress.org/trunk@31600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-05 05:35:28 +00:00
Andrew Ozz 1857055bb8 PressThis v2, first run. Props michael-arestad, stephdau, marcelomazza, DrewAPicture, iseulde, afercia, kraftbj, rachelbaker, AramZS, dd32. See #31373.
Built from https://develop.svn.wordpress.org/trunk@31534


git-svn-id: http://core.svn.wordpress.org/trunk@31515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-25 01:50:26 +00:00
Jeremy Felt 678982ee7e Do not activate plugins on initial installation in multisite.
Check `is_multisite()` before activating a plugin that has been installed via AJAX. Without this check, the plugin would be automatically activated on the main site of the network.

Props ianmjones.

Fixes #31327.

Built from https://develop.svn.wordpress.org/trunk@31511


git-svn-id: http://core.svn.wordpress.org/trunk@31492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-22 21:30:25 +00:00
Dion Hulse 3cec3655e9 Prevent IE9 and lower displaying the download file dialogue when attempting to upload using the `html4` Plupload handler.
The HTML4 Plupload handler uses a hidden iframe to POST the upload form,
Unfortunately Internet Explorer 9 doesn't support the `application/json` 
content-type which `wp_send_json_success()` and requires `text/html` instead.

This partially reverts [30354], keeping the better error messages.

Fixes #31037 for trunk.

Built from https://develop.svn.wordpress.org/trunk@31429


git-svn-id: http://core.svn.wordpress.org/trunk@31410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-12 01:15:29 +00:00
Sergey Biryukov f166a51809 Update body class when switching between admin color schemes.
props valendesigns.
fixes #30488.
Built from https://develop.svn.wordpress.org/trunk@31400


git-svn-id: http://core.svn.wordpress.org/trunk@31381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-10 02:23:28 +00:00
Gary Pendergast 5e4d135411 Shiny Updates: Fix a PHP warning when installing new plugins.
Props lgladdy for the initial patch.

See #29820


Built from https://develop.svn.wordpress.org/trunk@31345


git-svn-id: http://core.svn.wordpress.org/trunk@31326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-06 00:34:21 +00:00
Gary Pendergast 27aa3e92d7 Shiny Updates: If the current user is not allowed to install/update plugins, we should return a JSON error, so it can be used by the JS handlers.
See #29820


Built from https://develop.svn.wordpress.org/trunk@31335


git-svn-id: http://core.svn.wordpress.org/trunk@31316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-05 06:16:23 +00:00
Gary Pendergast b7926a518a Shiny Updates: Add capability checks to the ajax callbacks, to ensure the current user is allowed to install/update plugins.
See #29820


Built from https://develop.svn.wordpress.org/trunk@31334


git-svn-id: http://core.svn.wordpress.org/trunk@31315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-05 06:05:22 +00:00
Gary Pendergast 9c69213f2b Shiny Updates: Add ajax-y updates to the plugin list page, and ajax-y updates and installs to the plugin card page.
This also includes JS architecture that can be expanded to support theme, core and language pack updates.

Props pento, ericlewis, lgladdy, adamsilverstein, DrewAPicture

See #29820


Built from https://develop.svn.wordpress.org/trunk@31333


git-svn-id: http://core.svn.wordpress.org/trunk@31314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-05 04:19:23 +00:00
Boone Gorges f345a72c58 Prevent terms in a show_in_quick_edit=false taxonomy from being updated by a faked AJAX request.
The UI for these taxonomies was hidden in [31308], but it remained possible to
send a direct POST request to the `inline-edit` endpoint to bypass the
restriction. The current changeset fixes this.

Props meloniq.
Fixes #26948.
Built from https://develop.svn.wordpress.org/trunk@31313


git-svn-id: http://core.svn.wordpress.org/trunk@31294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-31 19:38:24 +00:00
Scott Taylor 60c285aa22 In `wp_ajax_parse_media_shortcode()`, don't require a global `$post` for all passed shortcodes.
`embed` is the only shortcode that requires a post ID. This will allow MCE views to work for `playlist`, `audio`, and `video` outside of the Edit Post screen.

See #30835.

Built from https://develop.svn.wordpress.org/trunk@31201


git-svn-id: http://core.svn.wordpress.org/trunk@31182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 05:19:22 +00:00
Scott Taylor afd09f1f04 In `wp_ajax_upload_attachment()`, `wp_check_filetype_and_ext()` doesn't need a 3rd param - it already defaults to `null`. Passing `false` would fail a strict check
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31119


git-svn-id: http://core.svn.wordpress.org/trunk@31100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 04:55:25 +00:00
Scott Taylor 60b0cd7943 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Scott Taylor c5f9a7c26a Respect query vars for taxonomies passed as URL parameters when in grid mode of Media Library.
Fixes #30584.

Built from https://develop.svn.wordpress.org/trunk@31037


git-svn-id: http://core.svn.wordpress.org/trunk@31018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-03 08:24:22 +00:00
Scott Taylor 618c5b4333 When outputting JS with a `Content-Type` header:
`text/javascript` is obsolete, `application/x-javascript` was experimental. `application/javascript` is the recommended type per RFC 4329.

Props sergej.mueller.
Fixes #29196.

Built from https://develop.svn.wordpress.org/trunk@31029


git-svn-id: http://core.svn.wordpress.org/trunk@31010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-03 02:57:21 +00:00
Scott Taylor 952a5c9971 Support chromeless Vimeo via MEjs:
* Bump MediaElement script loader versions to 2.16.2 - missed in [30634], oops!
* Add `Froogaloop` to `js/mediaelement` scripts for Vimeo
* Check for Vimeo in the same locations that YouTube is checked
* Dynamically load Froogaloop script in admin when editing a TinyMCE view
* Edit MediaElement to call `mejs.$.extend` instead of `$.extend` in `mejs.HtmlMediaElementShim.createPlugin()`, since `$` is not available via WP's jQuery (I will report this upstream):
6f9a78e008/src/js/me-shim.js (L631)

Fixes #29267.

Built from https://develop.svn.wordpress.org/trunk@31016


git-svn-id: http://core.svn.wordpress.org/trunk@30997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-31 20:41:24 +00:00
Andrew Nacin 23f4b0f62f Updates to the 'Log out everywhere' implementation.
* Include a message and a disabled button when you're only logged in at one location.
 * Avoid leaking the session token in HTML.
 * Simplify, simplify, simplify.

see #30264.

Built from https://develop.svn.wordpress.org/trunk@30888


git-svn-id: http://core.svn.wordpress.org/trunk@30878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-16 09:15:23 +00:00
Sergey Biryukov 0a8b72866e Add missing periods to strings introduced in [30333].
props DrewAPicture.
see #30264.
Built from https://develop.svn.wordpress.org/trunk@30596


git-svn-id: http://core.svn.wordpress.org/trunk@30586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-28 06:26:22 +00:00
Drew Jaynes a899bbaee7 Improve inline documentation in `wp_ajax_destroy_sessions()`.
If the token is set (`$keep` is a string), this means the user is viewing their own profile-editing screen and destroying their own sessions (except the current one). If it isn't set (`$keep` is null), the user is editing another user's profile and destroying all of their sessions with no exceptions.

See #30264, #30469

Built from https://develop.svn.wordpress.org/trunk@30595


git-svn-id: http://core.svn.wordpress.org/trunk@30585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-28 03:48:22 +00:00
Andrew Ozz 9597159393 Better error message when the admin is ssl and non-ssl oEmbed previews are not available in the editor. Props Japh, fixes #30533.
Built from https://develop.svn.wordpress.org/trunk@30591


git-svn-id: http://core.svn.wordpress.org/trunk@30581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-27 22:37:24 +00:00
John Blackbourn fd15794b5c Add some specific JSON responses when there are user permission errors for AJAX file uploads. Replace some usage of `wp_json_encode()` with `wp_send_json_*()`.
See #25849
Props gcorne

Built from https://develop.svn.wordpress.org/trunk@30354


git-svn-id: http://core.svn.wordpress.org/trunk@30353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 05:47:21 +00:00
John Blackbourn c02845330e Introduce a button on the user profile screen which clears all other sessions, and on the user editing screen which clears all sessions. Only appears when there are applicable sessions which can be cleared.
See #30264.
Props jorbin, ocean90, johnbillion


Built from https://develop.svn.wordpress.org/trunk@30333


git-svn-id: http://core.svn.wordpress.org/trunk@30332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 15:21:21 +00:00
Drew Jaynes 92c153aa8c Fix the syntax for some status-related documentation introduced in [30155].
* Variables in DocBlocks should be backtick-escaped
* Parameter and return types should be as specific as possible
* `@param` types and variables should align with each other, but not intentionally with the `@return` description

See #30230.

Built from https://develop.svn.wordpress.org/trunk@30284


git-svn-id: http://core.svn.wordpress.org/trunk@30284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-08 20:56:22 +00:00
Scott Taylor 6a109700d0 In `wp_ajax_get_tagcloud()`, bail immediately if `$_POST['tax']` isn't set so that all of the variable setting can happen in the same nest scope as the rest of the function - `wp_die()` confuses Scrutinizer.
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30168


git-svn-id: http://core.svn.wordpress.org/trunk@30168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 22:54:22 +00:00
Scott Taylor a786fb779c In `wp_ajax_ajax_tag_search()`, bail immediately if `$_GET['tax']` isn't set so that all of the variable setting can happen in the same nest scope as the rest of the function - `wp_die()` confuses Scrutinizer.
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30167


git-svn-id: http://core.svn.wordpress.org/trunk@30167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 22:48:22 +00:00
Scott Taylor be08f576df Improve some `post_status`-related documentation.
Props ericlewis.
See #30230.

Built from https://develop.svn.wordpress.org/trunk@30155


git-svn-id: http://core.svn.wordpress.org/trunk@30155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 20:20:23 +00:00
Boone Gorges 96b42c2fdc Allow resource_type to be specified in `get_ancestors()`.
Being explicit about resource type (taxonomy vs post_type) allows for the
proper resolution of conflicts when a taxonomy and post_type share a slug.

Props filosofo.
Fixes #15029.
Built from https://develop.svn.wordpress.org/trunk@30141


git-svn-id: http://core.svn.wordpress.org/trunk@30141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 02:58:23 +00:00
Gary Pendergast 007ec52958 Add `wp_json_encode()`, a wrapper for `json_encode()` that ensures everything is converted to UTF-8.
Change all core calls from `json_encode()` to `wp_json_encode()`.

Fixes #28786.


Built from https://develop.svn.wordpress.org/trunk@30055


git-svn-id: http://core.svn.wordpress.org/trunk@30055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-28 18:35:19 +00:00
Scott Taylor 2f328cc4c1 In `wp_ajax_replyto_comment()`, if `$_POST['comment_type']` is set, use it for the value of `$comment_type`, which the `compact()` call has assumed is set since [8720]. It never was.
`wp_comment_reply()`'s output can be complete overridden by the `wp_comment_reply` filter, so this check is justified and makes the AJAX callback more flexible.

Props nerrad.
Fixes #29704.

Built from https://develop.svn.wordpress.org/trunk@29758


git-svn-id: http://core.svn.wordpress.org/trunk@29530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-23 03:29:16 +00:00
Andrew Nacin 4080e96339 Ensure oEmbed previews listen to [embed] width/height attributes.
props azaozz.
fixes #29474.

Built from https://develop.svn.wordpress.org/trunk@29681


git-svn-id: http://core.svn.wordpress.org/trunk@29456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-03 00:40:16 +00:00